The UoC-CERT is the University of Cologne's central point of contact for IT security problems and incidents. The goal of the CERT is to protect the university, its members, and its infrastructure from negligent or illegal use of their IP addresses and resources.

Through consistent implementation of its tasks, the CERT contributes significantly to maintaining a high level of security and supports the organization in being adequately prepared for current and future threats. To fulfill its tasks, the CERT must be provided with the necessary resources.

As part of its responsibilities, the UoC-CERT communicates directly with IT administrators, information security management, and those affected. It supports university members using proactive measures to minimise risk and damage from IT security incidents, as well as by responding to security incidents. The CERT:

• Serves as an internal contact point for University of Cologne departments as well as for external stakeholders and authorities reporting IT security incidents.
• Evaluates internal and external sources from partners, such as other CERT institutions
• Cooperates with law enforcement authorities (if disclosure of confidential information is necessary, this is done in coordination with the Legal Department).
• Analyses incidents, identifies causes, and documents the sequence of events, e.g., the sequence of an IT attack and its potential impact.
• In the event of acute threats to central and decentralised systems, it instructs the necessary immediate measures to avert damage to the university's systems and data.
• Leads and manages measures to contain, remediate, or resolve a security incident in close coordination with internal departments and external partners, such as forensic experts or government officials.
• Issues instructions and recommendations for immediate damage control and threat mitigation.

The CERT consists of members of the Security Operations team, the ITCC, and the Information Security team.

CERT's responsibilities do not include the restoration and damage repair following an incident and the associated costs and expenses. These remain the responsibility of the responsible organisational units.